aboutsummaryrefslogtreecommitdiffstats
path: root/security/vuxml/vuln.xml
Commit message (Expand)AuthorAgeFilesLines
* The documented xv vulnerabilities were fixed by dinoex@nectar2004-10-121-1/+2
* Note that the image decoding vulnerabilities in gdk-pixbuf have beennectar2004-10-121-2/+5
* Document older cyrus-sasl bug affecting DIGEST-MD5.nectar2004-10-121-0/+23
* Update the description of and list of packages affected by the PHP filenectar2004-10-121-14/+134
* Document unsafe use of environmental variable SASL_PATH in cyrus-sasl.nectar2004-10-091-0/+31
* Add some more apache ports.trhodes2004-10-061-2/+14
* Add imp3 issue, add apache13-ssl issue, correct a tag.trhodes2004-10-061-2/+31
* Note that older packages of bmon were dangerously installed set-user-ID.nectar2004-10-051-0/+25
* Document GnuTLS denial-of-service (already mentioned in portaudit'snectar2004-10-051-0/+39
* Record another PHP vulnerability.nectar2004-10-051-0/+45
* Record another PHP security issue.nectar2004-10-051-1/+50
* Note that xv should not be used.nectar2004-10-051-0/+40
* Note a symlink vulnerability in getmail.nectar2004-10-051-0/+28
* Fill in empty topic from previous commit.nectar2004-10-051-1/+1
* Record FreeBSD-SA-04:15.syscons.nectar2004-10-051-0/+38
* Add missing PORTEPOCH for samba.nectar2004-10-041-1/+1
* Note racoon certificate verification bug.nectar2004-10-041-0/+26
* Note distcc IP address ACL bug.nectar2004-10-031-1/+27
* Remove a duplicate entry.nectar2004-10-031-56/+5
* Correct the version number for latest Mozilla entry.nectar2004-10-011-4/+4
* Document the last few of the relatively recent Mozilla vulnerabilities.nectar2004-10-011-0/+110
* Correct mangled CVE name: s/8983/0903/nectar2004-10-011-1/+2
* Add another two older vulnerabilities affecting Mozilla & co.nectar2004-10-011-8/+161
* Don't forget `ja-samba' also.nectar2004-10-011-0/+1
* Note samba file disclosure vulnerability.nectar2004-10-011-0/+31
* Fix apache version number entry, bump modified date for apache as well.trhodes2004-09-301-2/+2
* Make an initial attempt at covering all Mozilla/Firefox/Thunderbirdnectar2004-09-291-9/+36
* Correct spelling of phpnuke package name.nectar2004-09-281-1/+2
* Note BMP decoder flaws in Mozilla/Firefox/Thunderbird.nectar2004-09-281-0/+48
* Note stack buffer overflow in Mozilla mail.nectar2004-09-281-1/+41
* Document Mozilla/Firefox/Thunderbird heap buffer overflows.nectar2004-09-281-0/+57
* Correct the package name for phpMyAdmin.nectar2004-09-281-1/+2
* Add CERT Vulnerability Note references to xpm entry.nectar2004-09-271-1/+3
* Note two older vulnerabilities in PHP.nectar2004-09-271-0/+111
* Note subversion information disclosure vulnerability.nectar2004-09-271-0/+36
* Add missing PORTEPOCH in a mozilla entry.nectar2004-09-271-3/+5
* Forgot to add <modified> element for last commit.nectar2004-09-251-0/+1
* Add missing PORTEPOCH on one of the mozilla entries.nectar2004-09-251-1/+1
* Document vulnerabilities in lha.nectar2004-09-231-0/+41
* Lately it seems I like to use dashes in topics... but I should atnectar2004-09-231-19/+19
* Document mysql buffer overflow.nectar2004-09-231-0/+27
* Document Mozilla security icon spoofing vulnerability.nectar2004-09-231-0/+39
* Document Mozilla vulnerability involving NULL bytes in FTP URLs.nectar2004-09-231-1/+46
* Document Mozilla automatic file upload vulnerability.nectar2004-09-221-3/+28
* Document mozilla certificate import denial-of-service vulnerability.nectar2004-09-221-0/+48
* Note a file name disclosure issue in rssh.nectar2004-09-221-0/+38
* Add entry describe GNU Radius denial-of-service vulnerability.nectar2004-09-211-0/+36
* Add sudoedit vulnerability.nectar2004-09-211-0/+24
* In latest CVS entry, remove the reference to the exploit. It doesnectar2004-09-201-1/+0
* Oh yeah, add affected FreeBSD versions for CVS issues.nectar2004-09-201-1536/+1534
* Update CVS entry with some details.nectar2004-09-201-13/+31
* Add an entry for the mod_proxy buffer overflow existant in apache13.trhodes2004-09-201-0/+25
* Note some fixes for XPM image decoding vulnerabilities.nectar2004-09-181-4/+16
* Update to gdk-pixbuf vulnerability to reflect the fixed version of gtk20.marcus2004-09-171-1/+2
* Note that a patched version of webmin 1.150 is now available, thanksnectar2004-09-161-2/+4
* Note gdk-pixbuf image decoding issues.nectar2004-09-161-0/+36
* clement@ has patched Apache 2.nectar2004-09-161-3/+3
* Note CUPS printer queue browser denial-of-service.nectar2004-09-161-0/+24
* Note Apache 2 IPv6 address parsing bug.nectar2004-09-151-0/+28
* Note new libXpm vulnerabilities.nectar2004-09-151-0/+46
* I appear to have deleted a line at the last minute. Restore it.nectar2004-09-151-0/+1
* Add mod_dav denial-of-service issue.nectar2004-09-151-0/+28
* Oops, forgot to note that the previous issue affects only the Apache 2.xnectar2004-09-151-1/+1
* Add Apache 2 vulnerability concerning environmental variables innectar2004-09-151-0/+34
* Repair three <freebsdpr> elements. The content of these elementsnectar2004-09-151-3/+3
* Note that some versions of OpenOffice have been corrected.nectar2004-09-151-1/+2
* Fix botched date entry and correct iDefense URL.trhodes2004-09-141-2/+2
* Really add Samba 3 vulnerability.trhodes2004-09-141-1/+26
* Correct version. Note my last commit here was for mpg123 instead oftrhodes2004-09-141-1/+1
* - There is a WITHOUT_X11 version of ImageMagick that needs to benectar2004-09-141-2/+221
* Update for recent Samba3 vulnerabilities.trhodes2004-09-141-0/+27
* Adjust the affected version for imlib now that the 2nd instance of BMPnectar2004-09-021-1/+2
* The recent commit to the krb5 port brought the version to 1.3.4_1 butnectar2004-09-021-1/+1
* Note recent MIT Kerberos 5 vulnerabilities.nectar2004-09-011-0/+74
* Document imlib2 BMP decoder bug.nectar2004-08-311-0/+27
* Document BMP decoder bugs in imlib1 and ImageMagick.nectar2004-08-311-0/+50
* Correct bogus date in mysql entry. (It should be YYYY-MM-DD, notnectar2004-08-301-2/+2
* Add more references (particularly CVE names) for issues affectingnectar2004-08-301-8/+24
* correct/add some referenceseik2004-08-301-35/+48
* Document NSS SSLv2 server buffer overflow (already referenced innectar2004-08-271-0/+37
* Document ripMIME decoding bug (already referenced in portaudit.txt).nectar2004-08-271-1/+38
* Remove <modified/> from the gnomevfs vulnerability since it was the samemarcus2004-08-271-1/+0
* Update the gnomevfs entry to reflect the fixed versions.marcus2004-08-271-2/+3
* Add entry for moinmoin ACL bypass.trhodes2004-08-271-0/+28
* Note sanitize_path bug in rsync (already referenced in portaudit.txt).nectar2004-08-271-0/+32
* Unsafe URI handling in gnome-vfs, MidnightCommander.nectar2004-08-271-0/+38
* Document buffer overflows in SoX (already referenced in portaudit.txt).nectar2004-08-271-0/+30
* Document cookie bug in Konqueror (already referenced in portaudit.txt).nectar2004-08-271-0/+45
* Place port name in the description.trhodes2004-08-241-1/+2
* Add libxine vcd URL handling issue.nectar2004-08-241-0/+39
* Add DoS in SpamAssassin.nectar2004-08-231-0/+30
* Add <modified> date for previous commit.nectar2004-08-231-0/+1
* fidogate-ds was also affected by the ``write files as `news' user''nectar2004-08-231-0/+4
* Off-by-one error in courier-imap entry.nectar2004-08-231-1/+1
* Add a more useful reference for the Qt issue.nectar2004-08-231-0/+1
* Add Qt heap overflow issue.nectar2004-08-231-0/+31
* Add a security issue affected courier-imap when run with certain debugnectar2004-08-231-0/+26
* Add fidogate issue.nectar2004-08-231-0/+26
* Add an issue covering a vulnerability in mysqlhotcopy.nectar2004-08-231-0/+32
* Cancel a VuXML entry for an Apache vulnerability that does not affectnectar2004-08-231-42/+1
* cancelled 6fd9a1e9-efd3-11d8-9837-000c41e2cdad: does not affect FreeBSDeik2004-08-211-27/+1
* Add a pointer to Przemyslaw Frasunek's advisory.nectar2004-08-181-0/+1
* For the lukemftpd/tnftpd issue, add a reference to NetBSD securitynectar2004-08-181-0/+1
* Note a vulnerability in lukemftpd/tnftpd.nectar2004-08-181-0/+47
* multiple CVS vulnerabilitieseik2004-08-171-0/+51
* Correct the version numbers and dates in the last entry.knu2004-08-171-4/+4
* Add an entry for:knu2004-08-171-0/+30
* Document a setgid "games" security issue in xonix. Based on a VuXMLnectar2004-08-171-0/+30
* Correct the version number range affected for ja-samba.nectar2004-08-151-4/+4
* Correct the version number range affected for Mozilla 1.8 alphas.nectar2004-08-151-4/+13
* Format string vulnerability in jftpgw.trhodes2004-08-141-0/+28
* Repair broken URL.nectar2004-08-131-1/+1
* Add two issues covering three KDE advisories: two temporary filenectar2004-08-131-0/+67
* The last commit should have changed the comparison tag from <le> to <lt>.marcus2004-08-131-1/+1
* Update Gaim vulnerability (5b8f9a02-ec93-11d8-b913-000c41e2cdad) to indicatemarcus2004-08-131-1/+2
* The MSN component of Gaim contains remotely exploitable buffernectar2004-08-131-0/+25
* The Adobe Acrobat Reader can be coerced into executing arbitrarynectar2004-08-131-0/+36
* Under certain configurations of POPfile may allow an attacker tonectar2004-08-131-0/+25
* Correct version information syntax in a number of entries. VuXML-usingnectar2004-08-131-22/+40
* give the ImageMagick png vulnerability an own entryeik2004-08-121-6/+28
* f72ccf7c-e607-11d8-9b0a-000347a4fa7d is a duplicate of 6f955451-ba54-11d8-b88...eik2004-08-121-0/+6
* add a reference for linux-png-1.0.x to 3a408f6f-9c52-11d8-9366-0020ed76ef5aeik2004-08-101-3/+4
* add ImageMagick to the list of png-vulnerable portseik2004-08-091-1/+6
* correct typoeik2004-08-071-2/+2
* Add an entry for Thunderbird to the libpng vulnerability.marcus2004-08-071-0/+4
* move abe47a5a-e23c-11d8-9b0a-000347a4fa7d to vuxml, add mozilla to the list o...eik2004-08-061-0/+47
* move f9e3e60b-e650-11d8-9b0a-000347a4fa7d to vuxml, add mozilla to the list o...eik2004-08-051-0/+93
* Mozilla / Firefox user interface spoofing vulnerabilityeik2004-07-301-0/+42
* Use &amp; instead of naked &.des2004-07-271-1/+1
* Add CVE name and correct URL to iDEFENSE advisory for the SSLtelnet issue.des2004-07-271-1/+2
* - add some referenceseik2004-07-231-7/+20
* Fix an XML tag.trhodes2004-07-221-1/+1
* Mark the 2.2.x series of Samba as vulnerable.trhodes2004-07-221-2/+5
* Recently announced Samba issue.trhodes2004-07-221-0/+26
* fix courier-imap version numbereik2004-07-161-1/+5
* PHP memory_limit and strip_tags() vulnerabilities.eik2004-07-151-0/+52
* etherealeik2004-07-111-1/+87
* move e5e2883d-ceb9-11d8-8898-000d6111a684 to vuln.xmleik2004-07-081-0/+31
* XSS vulnerability affecting other webmail systemseik2004-07-061-0/+32
* Add missing mandatory <body> element for SSLtelnet issue.nectar2004-07-061-2/+4
* Add an entry for the SSLtelnet format string vulnerability.des2004-07-051-4/+25
* Pavuk HTTP Location header overflownaddy2004-07-031-0/+28
* Move phpnuke vulnerabilities to VuXML.trhodes2004-07-031-0/+31
* GNATS local privilege elevation (corrected PORTREVISION)eik2004-07-021-1/+1
* GNATS local privilege elevationeik2004-07-021-0/+32
* Whitespace cleanup.des2004-07-021-18/+18
* Add SA-04:13.linuxdes2004-07-021-0/+30
* move "phpMyAdmin code injection" to vuxmleik2004-07-021-2/+9
* - Add phpMyAdmin 2.5.7 vulnerability.pav2004-07-021-0/+25
* Use the equal '=' sign as only the current version was affected.trhodes2004-06-291-1/+2
* add a reference to ISC DHCP overflowseik2004-06-291-1/+2
* Add xorg-clients due to xdm socket vuln.trhodes2004-06-291-0/+28
* Move MoinMoin entry to VuXML.trhodes2004-06-281-0/+24
* reference cleanupeik2004-06-281-42/+29
* Fix the previous entry; it had an incorrect port range.trhodes2004-06-261-2/+2
* Add an entry for recent isc-dhcp3-server buffer overflows.trhodes2004-06-261-0/+29
* Move giFT-FastTrack to VuXML.trhodes2004-06-261-0/+27
* Fix an older entry which ends with "buffer overflows vuxml".trhodes2004-06-251-2/+2
* Move the Gallery entry to VuXML.trhodes2004-06-251-0/+29
* www/sitecopy uses the included libneon version 0.24.0eik2004-06-251-2/+13
* I believe that linux-png-1.2.2 still contains the vulnerability.eik2004-06-221-1/+4
* - Extend png entry to cover it's linux-png variantpav2004-06-221-1/+5
* Midnight Commander security vulnerabilitiesfjoe2004-06-151-1/+2
* add a $FreeBSD$ tageik2004-06-121-0/+2
* Add CAN-2004-0541 (buffer overflow in Squid NTLM authentication helper)des2004-06-101-0/+30
* Fix for CAN-2004-0097eik2004-06-081-3/+3
* Correction: FreeBSD-SA-04:12.jailroute does not apply to 4.7 and older.des2004-06-081-1/+1
* Whitespace cleanupdes2004-06-081-8/+8
* Add FreeBSD-SA-04:12.jailroute.des2004-06-081-0/+32
* FreeBSD-SA-04:11des2004-05-261-612/+644
* Update modified date for mysql bug after fixing typo.ale2004-05-241-1/+1
* Add CVE name for one of the leafnode issues.nectar2004-05-211-0/+1
* Edit the topics to distinguish a bit better between the differentnectar2004-05-211-3/+5
* Document several issues in leafnode.nectar2004-05-211-0/+99
* Fix typo.ale2004-05-211-1/+1
* Correct a typo (s/Jon/Joe/)nectar2004-05-201-2/+2
* Add subversion and neon date parsing vulnerabilities.nectar2004-05-201-0/+67
* make tidydes2004-05-191-37/+37
* Add an entry for the cvs pserver heap overflow.des2004-05-191-0/+34
* Add CVE name and CERT Vulnerability Note references for old Cyrus bug.nectar2004-05-181-0/+3
* make tidynectar2004-05-181-161/+160
* Add URI handling issue that affects Opera and KDE, at least.nectar2004-05-181-0/+40
* Note that the mysqlbug has been fixed.ale2004-05-181-2/+4
* Update version number for fspd, now that it has been corrected.nectar2004-05-171-1/+2
* &, not |eik2004-05-151-2/+1
* ProFTPD vulnerability is fixed ineik2004-05-151-1/+2
* Add Cyrus IMSPd security release.nectar2004-05-131-0/+30
* Add old Cyrus IMAP server heap buffer overflow.nectar2004-05-121-0/+35
* The security issue of multimedia/xine (insecure temporary file creation innobutaka2004-05-101-2/+2
* Only one <modified> is allowed per entry.nectar2004-05-071-1/+0
* Correct the discovery date for the proftpd issue.des2004-05-071-1/+2
* Oops. s/2005-05-05/2004-05-05/ :-)nectar2004-05-071-1/+1
* Second-guess Oliver and correct the affected entry for eximnectar2004-05-071-4/+5
* exim buffer overflow when verify = header_syntax is usedeik2004-05-061-0/+27
* Add phpBB session table exhaustion issue.nectar2004-05-061-0/+29
* Add the issues covered in FreeBSD-SA-04:08.heimdal andnectar2004-05-061-1/+48
* make tidynectar2004-05-051-457/+454
* Use PORTVERSION conventions for FreeBSD version numbers, so thatnectar2004-05-051-32/+40
* Correct package name for xchat Socks5 vulnerability (xchat -> xchat2).nectar2004-05-041-2/+3
* Correct the fixed version for lha.nectar2004-05-041-1/+2
* png issue was fixed in png-1.2.5_4nectar2004-05-031-1/+2
* Add a vulnerability in www/pound.nectar2004-05-031-0/+203
* tla is also affected by libneon issue.nectar2004-05-011-2/+10
* Added CVE name for ident2 issue.nectar2004-04-241-1/+88
* Add mysqlbug temporary file handling vulnerability.nectar2004-04-171-92/+146
* Additional CVE name for recent CVS vulnerability.nectar2004-04-161-0/+2
* Add kdepim vulnerabilitynectar2004-04-161-0/+25
* Add neon vulnerabilitynectar2004-04-161-2/+35
* Add CVS vulnerabilities.nectar2004-04-151-0/+42
* Document another racoon DoS vulnerability.nectar2004-04-141-2/+41
* make tidynectar2004-04-141-59/+59
* Add CVE name for racoon DoS vulnerability.nectar2004-04-141-0/+2
* Correct modified date in previous commit: format is YYYY-MM-DD andnectar2004-04-141-1/+1
* Midnight Commander vulnerability CAN-2003-1023 was fixed in version 4.6.0_9.fjoe2004-04-141-1/+2
* make tidynectar2004-04-081-94/+85
* Add new affected version of gaim.nectar2004-04-081-1/+159
* Add two racoon issues, one particularly serious.nectar2004-04-071-0/+53
* Add CVE name for oftpd issue.nectar2004-04-061-1/+2
* Add Midnight Commander buffer overflow.nectar2004-04-041-0/+33
* Add VuXML 1.1 DTDnectar2004-04-031-1/+1
* make tidynectar2004-04-031-31/+30
* Add Heimdal cross-realm validation issue.nectar2004-04-031-0/+31
* Add security issue affecting the Courier mail services.nectar2004-04-011-0/+52
* Add isakmpd denial-of-service vulnerability.nectar2004-04-011-0/+38
* Add apache 2 DoS vulnerability that doesn't affect us. I keep comingnectar2004-04-011-0/+45
* Add mplayer and tcpdump issues.nectar2004-04-011-0/+68
* Correct a mispelled CVE name.nectar2004-04-011-1/+2
* make tidynectar2004-03-301-306/+290
* Fix dates for SA-04:06.ipv6 and phpbb issues (typos).nectar2004-03-301-8/+42
* Add zebra/quagga denial of service vulnerability.nectar2004-03-301-0/+31
* Correct advisory name for old bind issue.nectar2004-03-291-1/+1
* Add old ecartis issue.nectar2004-03-291-1/+64
* Add Emil issue.nectar2004-03-291-0/+32
* Fix a botched version number (the package name was erroneously included).nectar2004-03-291-1/+51
* Add ethereal vulnerabilities.nectar2004-03-271-0/+46
* Oops, empty <topic> tag. Fill in for squid ACL bypass issue.nectar2004-03-271-2/+2
* Add squid ACL bypass.nectar2004-03-261-0/+56
* Add ezbounce (old) and phpBB (new)eik2004-03-261-0/+51
* Add xdeview to existing UUDecode issuenectar2004-03-261-0/+28
* Add uulib, uudeview issue.nectar2004-03-191-0/+24
* Add OpenSSL denial-of-service vulnerability.nectar2004-03-171-0/+32
* ModSecurity < 1.7.5eik2004-03-171-0/+24
* Remove linux-XFree86-libs.nectar2004-03-151-4/+0
* add russian/apache13*eik2004-03-121-1/+9
* - restore the healthy mix of marc and securityfocuseik2004-03-121-4/+4
* remove vid 3ca8dd7a-6fb3-11d8-873f-0020ed76ef5a, since the unsafe calleik2004-03-121-33/+1
* add a modified tag to vid 09d418db-70fd-11d8-873f-0020ed76ef5aeik2004-03-121-0/+1
* The apache ports have fixes from CVSeik2004-03-121-2/+8
* canonicalize list urls (mostly bugtraq)eik2004-03-121-6/+6
* correct typoeik2004-03-111-2/+3
generated by cgit (git 2.34.1) at 2025-01-11 08:57:39 +0800